Just my humble opinion on it, but here are a few ideas. Do you know what sub field of Security you are interested in? Network, Auditing, Pen Testing, Testing Code, forensics, C level? What is your goal, figure that out and plan accordingly. There is another thread going about various specialties in the Security field and the various certs that go along with that. If you are after Pen testing, plan accordingly. C level... make sure you're getting your CISSP etc. When you lack the experience in the field certs can get you closer to an interview... and they make HR feel important.
1) Plan certs according to desired path.
2) Study. Besides working full time, and going back to school fulltime, I spend lots of my bus ride/free time shoring up my weak points.
3) Network, which is part of why you are here I assume!
Without knowing what are your goals, it is difficult to give advice.
My own path is going like this:
I started helpdesk, but had the goal in mind of doing security. A bit of my work is devoted still, unfortunately, to taking care of tickets; though a growing amount of my time at work is devoted to Network security and very soon vulnerability testing. How I made the transition was by increasing my own personal knowledge on the subjects, and working to make myself indespensable at the office in said areas. I had a heavy background in the networking via my CCNA courses etc, so moving toward network security was a no brainer for me. I have started moving toward the vuln scanning aspect... because I caught someone scanning my work computer... and traced it back to one of the source IP. I then emailed the gentleman who is contracted to do the scanning... and politely mentioned some ways he could do so better via following a few tips from the Nessus user manual. Make your interest known to your boss, and get in contact with the people currently in those positions. That is to say... if you are interested in getting the experience at your current job in that capacity. If the school you are working for... lacks any security (computer), perhaps you should make a case to the network admin for such. Offer your services, even if you are just planning to use it as a way to pad your resume with 'security' experience.
In the end, the best advice I can give is to read up on AND experience (even if at home in a home lab) the security concepts you are hoping to be working toward for your target job in security. If you want to pen test, start reading networking, coding, protocols, and learning tools. If code assurance is your thing, learn your fuzzers and such... AND your code. If you know what you are doing in the desired field you are going for, and you can demonstrate it to the person you are seeking employment from... (perhaps a group you meet at a Con or conference), you will have an in. I'm sure others here will have far more experienced advice, but I hope mine has been somewhat helpful.
"Bad.. Good? I'm the guy with the gun"